Re Comcast is injecting 400+ lines of JavaScript into web pages

["Dave Farber" <farber () gmail com>]

> Begin forwarded message:
>
> From: Brett Glass <brett () lariat net>
> Subject: Re: [IP] Fwd: Comcast is injecting 400+ lines of JavaScript into web pages
> Date: December 11, 2017 at 1:51:28 PM EST
> To: dave () farber net
>
> Dave, and everyone:
>
> As an ISP, I often have trouble contacting our customers. They change telephone numbers and e-mail addresses without 
> telling us; our notices often wind up in their "spam" folders (sometimes simply because they have words relating to 
> their account); a spouse is sometimes handling household affairs; roommates change; not all telephone numbers accept 
> text messages; etc. At one time, we attempted to use a feature which allowed us to pop up a message on machines that 
> ran Microsoft Windows. Alas, this feature was abused by spammers... and, instead of allowing it to be limited to 
> messages from the local ISP, Microsoft turned it off completely. (It also had the disadvantage of not being 
> cross-platform.)
>
> By far the best way to get a user's attention is to get a simple message onto the user's screen. We do not inject 
> Javascript (it is our company policy never to rely upon client-side scripting due to the many security and 
> incompatibility problems it causes), but do sometimes divert the user's browser to a screen asking that he or she 
> call us. Ironically, this too sometimes fails due to SSL, so we have had to tailor the system to do this only during 
> accesses to URLs beginning with http:// <http:///>, not https:// <https:///>.
>
> Until and unless an alternative cross-platform method for the ISP to get in touch with users is universally 
> implemented, this will remain the best way of getting a user's attention - and a perfectly reasonable one. Our users 
> have thanked us for it - especially when we've notified them that they appear to have malware infections or need an 
> equipment upgrade. It is also reasonable network management. We therefore believe that any and all responsible ISPs 
> with good customer service should be allowed to do it.
>
> --Brett Glass, LARIAT.NET
>
> At 08:54 AM 12/10/2017, you wrote:
>  
>
> > ---------- Forwarded message ---------
> > From: DV Henkel-Wallace <gumby () henkel-wallace org <mailto:gumby () henkel-wallace org> >
> > Date: Sun, Dec 10, 2017 at 10:53 AM
> > Subject: Comcast is injecting 400+ lines of JavaScript into web pages
> > To: David Farber <dave () farber net <mailto:dave () farber net>>
> >
> >
> > Apparently Comcast feels it gets to decide what I should see on the web pages I choose.  Injecting random 
> > *executable content* is no different from providing other editorial “improvements”.
> >
> > The response from Jason Livingood, who should know better, is particularly tone deaf and self righteous.
> >
> > Unfortunately where I live my “choices” are Comcast and sub-384kb AT&T DSL (despite being less than a mile from the 
> > CO and the PAIX for that matter). 
> >
> > A snippet from 
> > http://forums.xfinity.com/t5/Customer-Service/Are-you-aware-Comcast-is-injecting-400-lines-of-JavaScript-into/td-p/3009551
> >  
> > <http://forums.xfinity.com/t5/Customer-Service/Are-you-aware-Comcast-is-injecting-400-lines-of-JavaScript-into/td-p/3009551>(code
> >  is included downthread).
> >
> >
> >
> > > Are you aware? Comcast is injecting 400+ lines of JavaScript into web pages.
> > >
> > >
> > >
> > > I just learned of this dispicable Comcast practice today and I am livid.  Comcast began injecting 400+ lines of 
> > > JavaScript code in to pages I requested on the internet so that when the browser renders the web page, the 
> > > JavaScript generates a pop up trying to up-sell me a new modem.  When you call the number in the popup, they're 
> > > quick to tell you that you need a new modem, which in my case is not true.  I later verified with level-2 support 
> > > that my modem is pefectly fine and I don't need to upgrade.  As deceptive as that is however, my major complaint is 
> > > that Comcast is intercepting web pages and then altering them by filling them with hundreds of lines of code.  Even 
> > > worse is that I've had to speak to 7 different supervisors from all areas of Comcast and they have either never 
> > > heard of the process, or those who were aware of the practice don't know how to turn it off. 
> >
> > Sent from my iPad
> > Archives <https://www.listbox.com/member/archive/247/=now>  
> > <https://www.listbox.com/member/archive/rss/247/125300-2f92aa2e>| Modify <https://www.listbox.com/member/?&;> Your 
> > Subscription | Unsubscribe Now 
> > <https://www.listbox.com/unsubscribe/?&&post_id=20171210105448:70B9CD24-DDC2-11E7-8953-E97FD683EF5B> 
> > <http://www.listbox.com/>



-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/18849915-ae8fa580
Modify Your Subscription: https://www.listbox.com/member/?member_id=18849915&id_secret=18849915-aa268125
Unsubscribe Now: 
https://www.listbox.com/unsubscribe/?member_id=18849915&id_secret=18849915-32545cb4&post_id=20171211135436:B9BBFC1C-DEA4-11E7-ABD4-C4D067573D43
Powered by Listbox: http://www.listbox.com